Editing AD security setting using Power shell

Question

I am attempting to add a group of users to a failover cluster in windows 2012r2 I need to add the nodes as administrator to each other. I have put them into their own OU. However I was hoping to script this per powershell and a csv import. Ideas?

My google fu has not gotten me anywhere.

Example.

Import-Csv "C:\Users\me\Desktop\users.csv" | Where-Object {$_.Name} |`
 ForEach-Object {`
New-ADUser `
-Name $_."Name" `
-GivenName $_."GivenName" `
-Surname $_."Surname" `
-Description $_."Department" `
-SamAccountName $_."Logon_Username" `
-UserPrincipalName $_."UPN" `
-DisplayName $_."Display_Name" `
-AccountPassword (ConvertTo-SecureString -AsPlainText "P@ssw0rd1!" -Force) `
-Path "OU=Users,OU=Head Office,OU=International,DC=company,DC=com" `
-ChangePasswordAtLogon $true `
-Enabled $true | Enable-ADAccount | `
Add-ADGroupMember "QA_Users" $_."Logon_Username";
}

This is what I use currently.

Answer 1

There is no error handling in this. It is provided as a starting point. Craft your CSV to simplify the work by making the csv headings exactly match the AD user object property names. Then the object imported is basically a user object.

$AccountList = Import-Csv "C:\Users\me\Desktop\users.csv"
$UserOU = "OU=Users,OU=Head Office,OU=International,DC=company,DC=com"
$AccountPassword = (ConvertTo-SecureString -AsPlainText "P@ssw0rd1!" -Force)

Foreach ($Account in $AccountList) {
    New-ADUser $Account -ChangePasswordAtLogon $True -AccountPassword $AccountPassword -Enabled $True -Path
    (Get-ADUser $Account.UserPrincipalName).UserPrincipalName + "Created"
    }